Bitcoin Forum
November 21, 2017, 06:10:03 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Botnets with remote desktop access  (Read 488 times)
Lionel
Sr. Member
****
Offline Offline

Activity: 388


View Profile
June 29, 2016, 12:18:16 PM
 #1

Hacker stuff has always fascinated me and i have read a lot about botnets.

I have known of a guy that one day was working at his PC and suddenly... the mouse pointer was moving by itself on the screen!! It went over the Chrome icon and opened a browser instance, then clicked on the address bar and start typing something !!

The guy was frightened and reacted instinctively at that point: he shut down the system immediately via the hardware button.
Then he formatted everything.

So i am wondering... was his PC a zombie system belonging to a botnet?
And... was a remote desktop client like Teamviewer installed there stealthly by the botnet owner through the virus that turned that PC into a zombie ?

I've never heard of a botnet capable of doing this!!
They usually can receive and execute DDOS commands and other simple stuff, but giving remote access is high-tech !!

So a question to the experts: is it that botnets have evolved like that in the 2016? And maybe the botnet managers rent or sell remote access to the bots?

So scary, some chil-dpo-rn fan may sneak into my PC , visit his favourite sites using my IP and the day after the police enters my house :O
1511287803
Hero Member
*
Offline Offline

Posts: 1511287803

View Profile Personal Message (Offline)

Ignore
1511287803
Reply with quote  #2

1511287803
Report to moderator
Join ICO Now A blockchain platform for effective freelancing
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1511287803
Hero Member
*
Offline Offline

Posts: 1511287803

View Profile Personal Message (Offline)

Ignore
1511287803
Reply with quote  #2

1511287803
Report to moderator
1511287803
Hero Member
*
Offline Offline

Posts: 1511287803

View Profile Personal Message (Offline)

Ignore
1511287803
Reply with quote  #2

1511287803
Report to moderator
bitboy11
Hero Member
*****
Offline Offline

Activity: 534



View Profile
June 29, 2016, 12:25:27 PM
 #2

Probably was TeamViewer like you said. It is very disturbing when you see someone else remotely controlling your computer. Any time I buy a computer, I disable all remote access functions and I never add such dangerous programs.
saddampbuh
Legendary
*
Offline Offline

Activity: 1176



View Profile
June 29, 2016, 04:56:56 PM
 #3

they infect you with their bot/rat and then watch what you're doing and steal your information and sell it, there's nothing high tech about it, any kid can do it its like $100 for the rat and a crypter to make it undetected

Be radical, have principles, be absolute, be that which the bourgeoisie calls an extremist: give yourself without counting or calculating, don't accept what they call ‘the reality of life' and act in such a way that you won't be accepted by that kind of ‘life', never abandon the principle of struggle.
Lionel
Sr. Member
****
Offline Offline

Activity: 388


View Profile
June 29, 2016, 07:34:19 PM
 #4

they infect you with their bot/rat and then watch what you're doing and steal your information and sell it, there's nothing high tech about it, any kid can do it its like $100 for the rat and a crypter to make it undetected

Well ok the kid just buys the turnkey solution , but he still needs to spread it through drive-by downloads.

And that is not easy, you can't just put an .exe on emule or Bittorrent and name it like "Watch.HD.Movies.exe" and hope that the fools fall for it.

Maybe he can put the malware in a game crack but he still needs many seeders/leechers to be able to spread it, otherwise no one will download it
and it is not trivial.
The first one that spots the virus will flag the torrent and everybody else will see it.

So even being a script kiddie is hi-tech
Spoetnik
Legendary
*
Offline Offline

Activity: 1442


FUD Philanthropist™


View Profile
June 29, 2016, 07:55:14 PM
 #5

I checked out the source code to the RootKit "Zuess"
It could do that and much more..
This was no keylogger.. it was a professional rootkit system
that was sold privately i was told for $10,000 (later leaked out)
The code on it is seriously impressive !
This is one HUUUUUUUUUUGE massive project.. LOTS of code written.

I got the code still somewhere (i used to collect code leaks)
I have all kinds from Valve Games / Steam to Kasperky to Norton AV's to WIndows 2000

Anyway Google Rootkit Wink
It *could* have been that.

And Google "Sub7 Trojan"

FUD first & ask questions later™
Lionel
Sr. Member
****
Offline Offline

Activity: 388


View Profile
June 29, 2016, 11:49:57 PM
 #6

I checked out the source code to the RootKit "Zuess"
It could do that and much more..
This was no keylogger.. it was a professional rootkit system
that was sold privately i was told for $10,000 (later leaked out)
The code on it is seriously impressive !
This is one HUUUUUUUUUUGE massive project.. LOTS of code written.

I got the code still somewhere (i used to collect code leaks)
I have all kinds from Valve Games / Steam to Kasperky to Norton AV's to WIndows 2000

Anyway Google Rootkit Wink
It *could* have been that.

And Google "Sub7 Trojan"

I have read of that Sub7 which is very old but already did a good part of what it is needed to get a remote desktop: it sends desktop screenshots to the controller, so that he can view the desktop in real time if 5-10 screenshots a second are sent

The only thing it needs is the ability to receive mouse and keyboard commands , and there you have a handy remote desktop.
That should be easy for today's trojans, if even Sub7 in the early 2000 was already near that.

But maybe it is not a so desired feature because it lets the victim spot the malware easily, while it is better to remain hidden and do your business Smiley
For example for doing click fraud activities, is it necessary to have remote desktop control? I think it isn't , just use the bot as a proxy or VPN server.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!